PT-2025-44451 · IBM · IBM Tivoli Monitoring

Aleksandr Tlyapov · Published 2025-10-30 · Updated 2025-11-07 · CVE-2025-3356

CVSS v3.1: 9.8 (Critical)
Vector: AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

Name of the Vulnerable Software and Affected Versions
IBM Tivoli Monitoring versions 6.3.0.7 through 6.3.0.7 Service Pack 21

Description
The software contains a directory traversal flaw. A remote attacker can exploit this by sending specially crafted URL requests containing "dot dot" sequences (../) to view, overwrite, or append to arbitrary files on the system. The vulnerability allows manipulation of URL requests to traverse directories, potentially enabling unauthorized access to files within the server's filesystem.

Recommendations
Versions prior to 6.3.0.7 Service Pack 22 should be updated.
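
A log-review check for the request pattern the description names, "dot dot" segments in URL requests, including percent-encoded and backslash forms. This is an added example, not code from the advisory or from IBM; the Common Log Format input, the sample lines and every path in them are constructed assumptions, since the advisory does not name the affected endpoint.

```python
import re
from urllib.parse import unquote, urlsplit

# Request line inside a Common Log Format entry: "METHOD target HTTP/x.y"
REQUEST_RE = re.compile(r'"(?P<method>[A-Z]+) (?P<target>\S+) HTTP/[\d.]+"')
MAX_DECODE_ROUNDS = 3  # exposes nested percent-encoding such as %252e

def fully_decode(value: str) -> str:
    """Percent-decode repeatedly until the value stops changing."""
    for _ in range(MAX_DECODE_ROUNDS):
        decoded = unquote(value)
        if decoded == value:
            break
        value = decoded
    return value

def has_traversal(target: str) -> bool:
    """True if the decoded path or query contains a '..' path segment."""
    parts = urlsplit(target)
    for component in (parts.path, parts.query):
        decoded = fully_decode(component).replace("\\", "/")
        # Match whole segments only, so names like 'release..notes' do not alert.
        if ".." in re.split(r"[/=&;]", decoded):
            return True
    return False

def flag_requests(log_lines):
    """Return (line_number, method, target) for each request worth reviewing."""
    hits = []
    for number, line in enumerate(log_lines, start=1):
        match = REQUEST_RE.search(line)
        if match and has_traversal(match["target"]):
            hits.append((number, match["method"], match["target"]))
    return hits

# Constructed sample lines; hosts and paths are placeholders, not Tivoli endpoints.
SAMPLE_LOG = [
    '198.51.100.7 - - [30/Oct/2025:10:00:01 +0000] "GET /app/status.html HTTP/1.1" 200 512',
    '198.51.100.7 - - [30/Oct/2025:10:00:02 +0000] "GET /app/../../placeholder.txt HTTP/1.1" 404 0',
    '198.51.100.7 - - [30/Oct/2025:10:00:03 +0000] "POST /app/%2e%2e%2f%2e%2e%2fplaceholder.txt HTTP/1.1" 404 0',
    '198.51.100.7 - - [30/Oct/2025:10:00:04 +0000] "GET /app/%252e%252e/placeholder.txt HTTP/1.1" 404 0',
    '198.51.100.7 - - [30/Oct/2025:10:00:05 +0000] "GET /app/report?file=..%5Cplaceholder.txt HTTP/1.1" 404 0',
    '198.51.100.7 - - [30/Oct/2025:10:00:06 +0000] "GET /app/release..notes.txt HTTP/1.1" 200 90',
]

if __name__ == "__main__":
    for hit in flag_requests(SAMPLE_LOG):
        print(hit)
```

Because the flaw also permits overwriting and appending, flagged POST or other write-style requests deserve review ahead of reads.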

Fix

Path traversal

Weakness Enumeration

Related Identifiers

CVE-2025-3356

Affected Products

IBM Tivoli Monitoring